As real as it may seem, remember that your bank will never call you to request personal information. Not even if it seems credible, not even if they tell us that our account has been blocked… never.
The vishing of the banks returns
The vishing it is a type of social engineering that, like phishing (emails) and smishing (SMS), seeks to obtain personal and/or bank data from users; but in this case the fraud is committed through a telephone call, deceiving the victim by impersonating the identity of a trusted third party.
One of the most used examples of these third parties is impersonating the identity of the banks themselvesin order to have direct access to data that the victim can provide and with which money can later be stolen or unauthorized purchases made.
These calls from vishing They can be of different types, depending on the modus operandi of the cyber criminal. In many cases, the bank is directly supplanted and some customer data obtained by other means is offered to generate trust and that the potential victim of fraud provides the requested information without suspicion. This method usually combines various social engineering techniques such as spoofing (impersonation of the telephone number, which may appear with the name of the bank) and the OSINT (search for information in Internet sources for the purpose of generating trust in the customer of the service they are impersonating).
Your bank will not call you
Whatever method cybercriminals use, remember that in case of unexpected calls from your bank in which you request sensitive data such as password, electronic signature, confirmation code that arrives by SMS or similar informationimmediately suspect. Your bank will never ask you for this confidential information over the phone, except in a personal call with your bank manager or in a similar situation.
In the event that you receive a phone call with these signs described above, make distrust your best weapon. Be suspicious and, if you receive a call asking for sensitive personal details, do not provide any bank details. In the event that the alleged reason for the call may coincide with a real circumstance of your account, take charge of the situation, hang up the received call and call your bank’s phone number to verify the veracity of the previous call and solve the problem in your bank account if it exists. It is preferable to interrupt the communication and contact the bank or entity to report what happened.
These recommendations also apply to other forms of contact in which they request information, whether by e-mail, SMS or any other insecure channel. Also be suspicious of those contacts that are made with the argument of offering you an excessively good promotion or offer. If it’s hard to believe, it’s probably not true.. Sometimes, greed breaks the bag and cybercriminals get you to provide your personal data with promises of refunds of money that you have not requested or to reimburse commission money, etc.
If you have provided your data, quickly check if there have been movements in your account and, if so, report the case to your bank and also to the State Security Forces and Bodies.